<?php

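// Topic-edit endpoint: verifies the session user and their permission on the topic, overwrites
// title/content/orders in forum_topic, runs the forum's extension hook if any, then prints 's0'.
// NOTE(review): no CSRF token check is visible in this file — confirm the including script enforces one.
$auth = isset($_SESSION['auth']) ? $_SESSION['auth'] : null;
if (empty($auth)) die('用户未登录！^_^');

if (empty($_POST['topic_id'])) die;

$topic_id = intval($_POST['topic_id']);
// FILTER_SANITIZE_STRING is deprecated since PHP 8.1 and is an HTML-oriented filter, not SQL escaping.
$title = get_substr(filter_var(isset($_POST['title']) ? $_POST['title'] : '', FILTER_SANITIZE_STRING), 40);
$content = cleanjs(isset($_POST['content']) ? $_POST['content'] : '');
$orders = empty($_POST['orders']) ? 0 : 1;

// The session user id is cast with intval() wherever it is concatenated into SQL, so a
// malformed session value cannot change the shape of the WHERE clause.
if (0 < dt_query_one("SELECT pay FROM forum_topic WHERE id = $topic_id")['pay']) {
	// Topic with pay > 0: only the topic's own user or a configured manager may edit it.
	global $config;
	if (1 > dt_count('forum_topic', "WHERE id = $topic_id AND user_id = ".intval($auth['id']))
		&& !in_array($auth['id'], $config['manager'])) die('没有权限！^_^');
} else {
	// Otherwise the topic's user, the user of its forum, a manager, or the user_id recorded
	// for the forum_city_info row may edit it.
	// NOTE(review): $forum_city is not assigned in this file; presumably inc/forum_city.php
	// defines it — verify that it is an integer before it reaches the SQL below.
	require_once('inc/forum_city.php');
	global $config;
	if (1 > dt_count('forum_topic', "WHERE id = $topic_id AND user_id = ".intval($auth['id']))
		&& 1 > dt_count('forum', "WHERE id = (SELECT forum_id FROM forum_topic WHERE id = $topic_id) AND user_id = ".intval($auth['id']))
		&& !in_array($auth['id'], $config['manager'])
		&& dt_query_one("SELECT user_id FROM forum_city_info WHERE id = $forum_city")['user_id'] != $auth['id']) die('没有权限！^_^');
}

if (empty($title) || empty($content)) die('空的标题或内容！');

// NOTE(review): $title and $content are interpolated into the SQL text. Nothing visible here
// escapes quotes or backslashes for SQL (get_substr(), cleanjs() and dt_query() are defined
// elsewhere), so unless the DB layer does it this statement is injectable. Bind both values
// as parameters, or escape them with the driver's function for the live connection.
$rs = dt_query("UPDATE forum_topic SET title = '$title', content = '$content', orders = '$orders' WHERE id = $topic_id");
if (!$rs) die('更新数据失败！');

$forum_ext = dt_query_one("SELECT ext FROM forum WHERE id = (SELECT forum_id FROM forum_topic WHERE id = $topic_id)")['ext'];
if (0 != $forum_ext) {
	// basename() reduces the database-supplied value to a single path component, so the
	// included file always resolves under forum_ext/.
	require_once('forum_ext/ext_'.basename((string) $forum_ext).'/do_topic_edit.php');
}

die('s0');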
